From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [nft PATCH 21/26] scanner: flags: move to own scope
Date: Sat, 19 Feb 2022 14:28:09 +0100 [thread overview]
Message-ID: <20220219132814.30823-22-phil@nwl.cc> (raw)
In-Reply-To: <20220219132814.30823-1-phil@nwl.cc>
This isolates at least 'constant', 'dynamic' and 'all' keywords.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
include/parser.h | 1 +
src/parser_bison.y | 29 +++++++++++++++--------------
src/scanner.l | 16 ++++++++++------
3 files changed, 26 insertions(+), 20 deletions(-)
diff --git a/include/parser.h b/include/parser.h
index 08bdeaca250b2..57f1fcc56bd54 100644
--- a/include/parser.h
+++ b/include/parser.h
@@ -34,6 +34,7 @@ enum startcond_type {
PARSER_SC_CT,
PARSER_SC_COUNTER,
PARSER_SC_ETH,
+ PARSER_SC_FLAGS,
PARSER_SC_ICMP,
PARSER_SC_IGMP,
PARSER_SC_IP,
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 1cdf4cc88376f..af31f72fd6c99 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -937,6 +937,7 @@ close_scope_esp : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_ESP); }
close_scope_eth : { scanner_pop_start_cond(nft->scanner, PARSER_SC_ETH); };
close_scope_export : { scanner_pop_start_cond(nft->scanner, PARSER_SC_CMD_EXPORT); };
close_scope_fib : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_FIB); };
+close_scope_flags : { scanner_pop_start_cond(nft->scanner, PARSER_SC_FLAGS); };
close_scope_frag : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_FRAG); };
close_scope_hash : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_HASH); };
close_scope_hbh : { scanner_pop_start_cond(nft->scanner, PARSER_SC_EXPR_HBH); };
@@ -1668,7 +1669,7 @@ table_block_alloc : /* empty */
}
;
-table_options : FLAGS STRING
+table_options : FLAGS STRING close_scope_flags
{
if (strcmp($2, "dormant") == 0) {
$<table>0->flags |= TABLE_F_DORMANT;
@@ -1935,7 +1936,7 @@ set_block : /* empty */ { $$ = $<set>-1; }
datatype_set($1->key, $3->dtype);
$$ = $1;
}
- | set_block FLAGS set_flag_list stmt_separator
+ | set_block FLAGS set_flag_list stmt_separator close_scope_flags
{
$1->flags = $3;
$$ = $1;
@@ -2069,7 +2070,7 @@ map_block : /* empty */ { $$ = $<set>-1; }
$1->flags |= NFT_SET_OBJECT;
$$ = $1;
}
- | map_block FLAGS set_flag_list stmt_separator
+ | map_block FLAGS set_flag_list stmt_separator close_scope_flags
{
$1->flags |= $3;
$$ = $1;
@@ -2142,7 +2143,7 @@ flowtable_block : /* empty */ { $$ = $<flowtable>-1; }
{
$$->flags |= NFT_FLOWTABLE_COUNTER;
}
- | flowtable_block FLAGS OFFLOAD stmt_separator
+ | flowtable_block FLAGS OFFLOAD stmt_separator close_scope_flags
{
$$->flags |= FLOWTABLE_F_HW_OFFLOAD;
}
@@ -2509,7 +2510,7 @@ dev_spec : DEVICE string
| /* empty */ { $$ = NULL; }
;
-flags_spec : FLAGS OFFLOAD
+flags_spec : FLAGS OFFLOAD close_scope_flags
{
$<chain>0->flags |= CHAIN_F_HW_OFFLOAD;
}
@@ -3114,7 +3115,7 @@ log_arg : PREFIX string
$<stmt>0->log.level = $2;
$<stmt>0->log.flags |= STMT_LOG_LEVEL;
}
- | FLAGS log_flags
+ | FLAGS log_flags close_scope_flags
{
$<stmt>0->log.logflags |= $2;
}
@@ -3816,13 +3817,13 @@ queue_stmt : queue_stmt_compat close_scope_queue
{
$$ = queue_stmt_alloc(&@$, $3, 0);
}
- | QUEUE FLAGS queue_stmt_flags TO queue_stmt_expr close_scope_queue
+ | QUEUE FLAGS queue_stmt_flags close_scope_flags TO queue_stmt_expr close_scope_queue
{
- $$ = queue_stmt_alloc(&@$, $5, $3);
+ $$ = queue_stmt_alloc(&@$, $6, $3);
}
- | QUEUE FLAGS queue_stmt_flags QUEUENUM queue_stmt_expr_simple close_scope_queue
+ | QUEUE FLAGS queue_stmt_flags close_scope_flags QUEUENUM queue_stmt_expr_simple close_scope_queue
{
- $$ = queue_stmt_alloc(&@$, $5, $3);
+ $$ = queue_stmt_alloc(&@$, $6, $3);
}
;
@@ -5489,7 +5490,7 @@ comp_hdr_expr : COMP comp_hdr_field close_scope_comp
;
comp_hdr_field : NEXTHDR { $$ = COMPHDR_NEXTHDR; }
- | FLAGS { $$ = COMPHDR_FLAGS; }
+ | FLAGS close_scope_flags { $$ = COMPHDR_FLAGS; }
| CPI { $$ = COMPHDR_CPI; }
;
@@ -5543,7 +5544,7 @@ tcp_hdr_field : SPORT { $$ = TCPHDR_SPORT; }
| ACKSEQ { $$ = TCPHDR_ACKSEQ; }
| DOFF { $$ = TCPHDR_DOFF; }
| RESERVED { $$ = TCPHDR_RESERVED; }
- | FLAGS { $$ = TCPHDR_FLAGS; }
+ | FLAGS close_scope_flags { $$ = TCPHDR_FLAGS; }
| WINDOW { $$ = TCPHDR_WINDOW; }
| CHECKSUM { $$ = TCPHDR_CHECKSUM; }
| URGPTR { $$ = TCPHDR_URGPTR; }
@@ -5657,7 +5658,7 @@ sctp_chunk_type : DATA { $$ = SCTP_CHUNK_TYPE_DATA; }
;
sctp_chunk_common_field : TYPE close_scope_type { $$ = SCTP_CHUNK_COMMON_TYPE; }
- | FLAGS { $$ = SCTP_CHUNK_COMMON_FLAGS; }
+ | FLAGS close_scope_flags { $$ = SCTP_CHUNK_COMMON_FLAGS; }
| LENGTH { $$ = SCTP_CHUNK_COMMON_LENGTH; }
;
@@ -5825,7 +5826,7 @@ rt4_hdr_expr : RT4 rt4_hdr_field close_scope_rt
;
rt4_hdr_field : LAST_ENT { $$ = RT4HDR_LASTENT; }
- | FLAGS { $$ = RT4HDR_FLAGS; }
+ | FLAGS close_scope_flags { $$ = RT4HDR_FLAGS; }
| TAG { $$ = RT4HDR_TAG; }
| SID '[' NUM ']'
{
diff --git a/src/scanner.l b/src/scanner.l
index 6ef20512f6b35..608471b39898d 100644
--- a/src/scanner.l
+++ b/src/scanner.l
@@ -200,6 +200,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
%s SCANSTATE_CT
%s SCANSTATE_COUNTER
%s SCANSTATE_ETH
+%s SCANSTATE_FLAGS
%s SCANSTATE_ICMP
%s SCANSTATE_IGMP
%s SCANSTATE_IP
@@ -355,9 +356,14 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
"index" { return INDEX; }
"comment" { return COMMENT; }
-"constant" { return CONSTANT; }
+<SCANSTATE_FLAGS>{
+ "constant" { return CONSTANT; }
+ "dynamic" { return DYNAMIC; }
+
+ /* log flags */
+ "all" { return ALL; }
+}
"interval" { return INTERVAL; }
-"dynamic" { return DYNAMIC; }
"auto-merge" { return AUTOMERGE; }
"timeout" { return TIMEOUT; }
"gc-interval" { return GC_INTERVAL; }
@@ -403,7 +409,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
}
"queue" { scanner_push_start_cond(yyscanner, SCANSTATE_EXPR_QUEUE); return QUEUE;}
-<SCANSTATE_EXPR_QUEUE>{
+<SCANSTATE_FLAGS,SCANSTATE_EXPR_QUEUE>{
"num" { return QUEUENUM;}
"bypass" { return BYPASS;}
"fanout" { return FANOUT;}
@@ -592,7 +598,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
<SCANSTATE_EXPR_COMP>{
"cpi" { return CPI; }
}
-"flags" { return FLAGS; }
+"flags" { scanner_push_start_cond(yyscanner, SCANSTATE_FLAGS); return FLAGS; }
"udp" { scanner_push_start_cond(yyscanner, SCANSTATE_EXPR_UDP); return UDP; }
"udplite" { scanner_push_start_cond(yyscanner, SCANSTATE_EXPR_UDPLITE); return UDPLITE; }
@@ -762,8 +768,6 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr})
"notrack" { return NOTRACK; }
-"all" { return ALL; }
-
<SCANSTATE_CMD_EXPORT,SCANSTATE_CMD_IMPORT,SCANSTATE_CMD_MONITOR>{
"xml" { return XML; }
"json" { return JSON; }
--
2.34.1
next prev parent reply other threads:[~2022-02-19 13:28 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-19 13:27 [nft PATCH 00/26] scanner: Some fixes, many new scopes Phil Sutter
2022-02-19 13:27 ` [nft PATCH 01/26] tests: py: Test connlimit statement Phil Sutter
2022-02-19 13:27 ` [nft PATCH 02/26] scanner: Move 'maps' keyword into list cmd scope Phil Sutter
2022-02-19 13:27 ` [nft PATCH 03/26] scanner: Some time units are only used in limit scope Phil Sutter
2022-02-20 0:38 ` Pablo Neira Ayuso
2022-02-20 0:40 ` Pablo Neira Ayuso
2022-02-20 0:44 ` Phil Sutter
2022-02-19 13:27 ` [nft PATCH 04/26] scanner: rt: Move seg-left keyword into scope Phil Sutter
2022-02-19 13:27 ` [nft PATCH 05/26] scanner: icmp{,v6}: Move to own scope Phil Sutter
2022-02-19 13:27 ` [nft PATCH 06/26] scanner: igmp: " Phil Sutter
2022-02-19 13:27 ` [nft PATCH 07/26] scanner: tcp: " Phil Sutter
2022-02-19 13:27 ` [nft PATCH 08/26] scanner: synproxy: " Phil Sutter
2022-02-19 13:27 ` [nft PATCH 09/26] scanner: comp: " Phil Sutter
2022-02-19 13:27 ` [nft PATCH 10/26] scanner: udp{,lite}: " Phil Sutter
2022-02-19 13:27 ` [nft PATCH 11/26] scanner: dccp, th: Move to own scopes Phil Sutter
2022-02-19 13:28 ` [nft PATCH 12/26] scanner: osf: Move to own scope Phil Sutter
2022-02-19 13:28 ` [nft PATCH 13/26] scanner: ah, esp: Move to own scopes Phil Sutter
2022-02-19 13:28 ` [nft PATCH 14/26] scanner: dst, frag, hbh, mh: " Phil Sutter
2022-02-19 13:28 ` [nft PATCH 15/26] scanner: type: Move to own scope Phil Sutter
2022-02-19 13:28 ` [nft PATCH 16/26] scanner: rt: Extend scope over rt0, rt2 and srh Phil Sutter
2022-02-19 13:28 ` [nft PATCH 17/26] scanner: monitor: Move to own Scope Phil Sutter
2022-02-19 13:28 ` [nft PATCH 18/26] scanner: reset: move " Phil Sutter
2022-02-19 13:28 ` [nft PATCH 19/26] scanner: import, export: Move to own scopes Phil Sutter
2022-02-19 13:28 ` [nft PATCH 20/26] scanner: reject: Move to own scope Phil Sutter
2022-02-19 13:28 ` Phil Sutter [this message]
2022-02-19 13:28 ` [nft PATCH 22/26] scanner: policy: move " Phil Sutter
2022-02-19 13:28 ` [nft PATCH 23/26] scanner: nat: Move " Phil Sutter
2022-02-19 13:28 ` [nft PATCH 24/26] scanner: at: " Phil Sutter
2022-02-19 13:28 ` [nft PATCH 25/26] scanner: meta: " Phil Sutter
2022-02-19 13:28 ` [nft PATCH 26/26] scanner: dup, fwd, tproxy: Move to own scopes Phil Sutter
2022-02-20 0:34 ` [nft PATCH 00/26] scanner: Some fixes, many new scopes Pablo Neira Ayuso
2022-02-20 0:46 ` Phil Sutter
2022-02-28 21:40 ` Pablo Neira Ayuso
2022-03-01 17:24 ` Phil Sutter
2022-03-01 21:07 ` Pablo Neira Ayuso
2022-03-02 13:50 ` Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220219132814.30823-22-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).